Rules
Risk Assessment Summary
Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| IDS00-J | High | Likely | Yes | No | P18 | L1 |
| IDS01-J | High | Probable | No | No | P6 | L2 |
| IDS03-J | Medium | Probable | No | No | P4 | L3 |
| IDS04-J | Low | Probable | No | No | P2 | L3 |
| IDS06-J | Medium | Unlikely | Yes | No | P4 | L3 |
| IDS07-J | High | Probable | Yes | No | P12 | L1 |
| IDS08-J | Medium | Unlikely | Yes | No | P4 | L3 |
| IDS11-J | High | Probable | No | No | P6 | L2 |
| IDS14-J | High | Probable | No | No | P6 | L2 |
| IDS16-J | High | Probable | Yes | No | P12 | L1 |
| IDS17-J | Medium | Probable | No | No | P4 | L3 |
10 Comments
Marc Peña
Oct 08, 2015I noticed that IDS01-J. Normalize strings before validating them is missing from the the rules index.
David Svoboda
Oct 08, 2015Good catch, I've fixed it.
Alexandre GIGLEUX
Nov 15, 2018Hello,
1. IDS00-J is duplicated in the "Risk Assessment Summary". I believe we should keep only the first row having Level = L1
2. Why are there only 8 entries in the "Risk Assessment Summary" table while there are 17 entries in the "Rule 00" category?
Thanks
Derek Leung
Nov 21, 2018Hi Alexandre,
Ahmed Shah
Mar 11, 2020Hello,
If IDS14-J (IDS14-J. Do not trust the contents of hidden form fields) is complete should the "Risk Assessment" of IDS14-J be added this "Risk Assessment Summary"?
David Svoboda
Mar 11, 2020Fixed.
Markus Elfring
May 01, 2023How often would you like to use the word “Likely” (in the column “Likelihood”)?
David Svoboda
May 01, 2023Unlikely
. I would rather that most rules were unlikely...eg. it would be very unlikely for a weakness to be exploited.
Markus Elfring
May 01, 2023Does the text “Likelhy” indicate a typo here?
David Svoboda
May 01, 2023Fixed, thanks.